NCP is installed through the Tanzu Application Service (TAS) Ops Manager graphical user interface.
Prerequisites
- A fresh installation of Ops Manager, NSX, and TAS. Make sure that Ops Manager is installed first, then NSX, and then TAS. For more information, see the Tanzu Application Service documentation.
- If you are running TAS 2.13, you must download the Jammy stemcell.
Procedure
- Download the NCP installation file for TAS.
The file name is
VMware-NSX-T.<version>.<build>.pivotal.
- Log in to Ops Manager as an administrator.
- Click Import a Product.
- Select the file that was downloaded.
- Click the Ops Manager Director for VMware vSphere tile.
- In the Settings tab for vCenter Config, select NSX Networking and for NSX Mode, select NSX-T.
- In the NSX CA Cert field, provide the certificate in PEM format.
- Click Save.
- Click Installation Dashboard in the upper left corner to return to the dashboard.
- Click the Tanzu Application Service tile.
- In the Settings tab, select Networking in the navigation pane.
- Under Container Network Interface Plugin, select External.
- Click Installation Dashboard in the upper left corner to return to the dashboard.
- Click Save.
- Click Installation Dashboard in the upper left corner to return to the dashboard.
- Click the VMware NSX-T tile.
- Enter the address of the NSX Manager.
- Select the method for NSX Manager authentication.
Option |
Action |
Client Certificate Authentication |
Provide the certificate and private key for NSX Manager. |
Basic Authentication with Username and Password |
Provide the NSX Manager administrator user name and password. |
- In the NSX Manager CA Cert field, provide the certificate.
- Click Save.
- Select NCP in the navigation pane.
- Enter the TAS Foundation Name.
This string uniquely identifies a TAS foundation in NSX API. This string is also used as the prefix in the names of NSX resources created by NCP for the TAS foundation.
- Enter the Overlay Transport Zone.
- Enter the Tier-0 Router.
- Specify one or more IP Blocks of Container Networks.
- Click Add.
- Enter IP Block Name. It can be a new or existing IP block.
- For a new IP block only, specify the block in CIDR format, for example, 10.1.0.0/16.
- Specify the subnet prefix of the container networks.
- Click Enable SNAT for Container Networks to enable SNAT.
- Specify one or more IP Pools used to provide External (NAT) IP Address to Org Networks.
- Click Add.
- Enter IP Pool Name. It can be a new or existing IP pool.
- For a new IP pool only, specify the IP addresses by providing the CIDR and the IP ranges.
- (Optional) Enter the Top Firewall Section Marker.
- (Optional) Enter the Bottom Firewall Section Marker.
- (Optional) Enable or disable the following options.
Option |
Default Value |
Log Dropped Application Traffic |
Disabled. If enabled, traffic that is dropped due to a firewall rule will be logged. |
Enable Debug Level for NCP Logging |
Enabled. |
- Click Save.
- (Optional) Select NSX Node Agent in the navigation pane.
- Check Enable Debug Level of Logging for NSX Node Agent to enable debug level logging.
- Click Save.
- Click Installation Dashboard in the upper left corner to return to the dashboard.
- Click Apply Changes.